Items tagged with log4j

If you're reading this, you probably don't need to be told that a "bug bounty" is a cash prize paid to security researchers that find a software exploit. Non-USians might need to be told that "DHS" refers to the United States Department of... Read more...
Are you tired of hearing about Log4shell yet? Well settle in, because a top-3-worst-security-exploit-ever doesn't vanish overnight. Microsoft updated its article about the flaw (which we mentioned on Wednesday) once again, this time with... Read more...
In case you weren't yet taking the Log4shell vulnerability in Apache's Log4J seriously, here's another reason to do so: threat actors associated with malware distributors, ransomware-as-a-service vendors, and even nation-states are... Read more...
Even if you're from the U.S., you may not have heard of CISA. The Cybersecurity and Infrastructure Security Agency is part of the Department of Homeland Security, and it primarily handles technological threats to the nation. Well, CISA is... Read more...
You may have heard about a recent prank making the rounds in Minecraft. By sending a chat message starting with "${jndi:ldap://" users could make their friends' Minecraft client open a browser window and go to a specific website. So... Read more...